Performance evaluation of Chirp Spread Spectrum ranging for indoor embedded navigation systems
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356603
P. Pivato, S. Dalpez, D. Macii
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Wireless distance measurement techniques based on portable embedded platforms are expected to play a key role in several industrial and domestic applications. In this paper the ranging accuracy of a commercial Chirp Spread Spectrum (CSS) kit is evaluated experimentally in a real-world context. The proposed analysis provides more precise and exhaustive information than what is usually reported in the technical literature. In fact, this paper is specifically focused on performance evaluation and it deals with the case of short-range indoor scenarios in both Line-of-Sight (LOS) and Non-Line-of-Sight (NLOS) repeatable conditions. The resulting analysis represents the first step towards the design of a custom indoor embedded navigation system for a smart rollator assisting impaired people to move safely in an indoor public environment.
Introducing database-centric support in AUTOSAR
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356579
Andreas Hjertström, Dag Nyström, Mikael Sjödin
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
We propose to integrate a real-time database management system into the basic software of the AUTOSAR component model. This integration can be performed without violating the fundamental principles of the component-based approach of AUTOSAR. Our database-centric approach allows developers to focus on application development instead of reinventing data management techniques or developing solutions using internal data structures. We use state-of-the-art database pointer techniques to achieve predictable timing, and database proxies to maintain component encapsulation and independence of data-management strategies. The paper illustrates the feasibility of our proposal when database proxies are used to manage the data communication between components and to perform run-time monitoring on the virtual function bus. Our implementation results show that the above benefits do not come at the expense of less accurate timing predictions while only introducing a total application CPU overhead in the order of 4%.
An improved preemption delay upper bound for floating non-preemptive region
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356570
J. Marinho, Vincent Nélis, Stefan M. Petters, I. Puaut
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
In embedded systems, the timing behaviour of the control mechanisms is sometimes of critical importance for the operational safety. These high criticality systems require strict compliance with the offline predicted task execution time. The execution of a task when subject to preemption may vary significantly in comparison to its non-preemptive execution. Hence, when preemptive scheduling is required to operate the workload, preemption delay estimation is of paramount importance. In this paper a preemption delay estimation method for floating non-preemptive scheduling policies is presented. This work builds on [1], extending the model and optimising it considerably. The preemption delay function is subject to a major tightness improvement, considering the WCET analysis context. Moreover, more information is provided as well in the form of an extrinsic cache misses function, which enables the method to provide a solution in situations where the non-preemptive region sizes are small. Finally, experimental results from the implementation of the proposed solutions in Heptane are provided for real benchmarks which validate the significance of this work.
Probabilistic preemption control using frequency scaling for sporadic real-time tasks
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356581
Abhilash Thekkilakattil, R. Dobrin, S. Punnekkat
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Preemption related costs are major sources of unpredictability in the task execution times in a real-time system. We examine the possibility of using CPU frequency scaling to control the preemption behavior of real-time sporadic tasks scheduled using a preemptive Fixed Priority Scheduling (FPS) policy. Our combined offline-online method provides probabilistic preemption control guarantees by making use of the release time probabilities of the sporadic tasks. The offline phase derives the probability related deviation from the minimum inter-arrival time of tasks. The online algorithm uses this information to calculate appropriate CPU frequencies that guarantee non-preemptive task executions while preserving the overall system schedulability. The online algorithm has a linear complexity and does not lead to significant implementation overheads. Our evaluations demonstrate the effectiveness of the method as well as the possibility of energy-preemption trade-offs. Even though we have considered FPS, our method can easily be extended to dynamic priority scheduling schemes.
Response-time analysis for non-preemptive scheduling in multi-core systems with shared resources
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356585
Mircea Negrean, R. Ernst
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
There is an important class of scheduling strategies that has not been sufficiently covered by the real-time scheduling literature. The new multi-core extensions of the AUTOSAR automotive standard - the dominating automotive design worldwide - use a combination of partitioned fixed-priority scheduling strategies with preemptive and non-preemptive execution and (potentially) arbitrary deadlines. Since multi-core systems in general use shared resources, this leads to the problem of analyzing preemptive and non-preemptive multiprocessor scheduling with shared resources. While preemptive scheduling has been well investigated in this setup, non-preemptive scheduling analysis is still open and cannot simply be derived. In this paper, we address this subject and present an analysis method which allows the calculation of response-times for tasks with arbitrary activations and deadlines which share resources in multi-core systems scheduled according to the partitioned fixed-priority non-preemptive scheduling. We consider this work an essential building block for the analysis of upcoming multi-core real-time applications where both preemptive and non-preemptive scheduling coexist.
On the timing analysis of the dynamic segment of FlexRay
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356574
Unmesh D. Bordoloi, Bogdan Tanasa, P. Eles, Zebo Peng
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
FlexRay, developed by a consortium of over a hundred automotive companies, is a real-time communication protocol for automotive networks. A communication cycle in FlexRay consists of an event-triggered component known as the dynamic (DYN) segment, apart from a time-triggered segment. Predicting the worst-case response time of messages transmitted on the DYN segment is a difficult problem. This is because a set of complex rules, apart from the priorities of the messages, govern the DYN segment protocol. In this paper, we survey techniques for the timing analysis of the DYN segment. We discuss the challenges associated with the timing analysis of the FlexRay protocol, the proposed techniques and their limitations.
Miniaturized wireless sensor node for earthquake monitoring applications
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356607
K. Wang, Z. Salcic, Mathew R. Wilson, Karl M. Brook
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Miniaturized wireless sensor nodes have demonstrated promising use in many application fields. This paper presents a new wireless sensor node designed for earthquake simulation and structural health monitoring applications. The sensor node is based on an ultra-low power System-on-Chip (SoC) microcontroller with an integrated sub-1GHz radio core. The node is also equipped with a temperature sensor and a 3-axis accelerometer to monitor its ambient environment and geotechnical movements. The sensor is designed targeting minimum physical size and power consumption. The shake table earthquake-like simulation showed that the node can correctly measure typical seismic acceleration and work autonomously for up to 17 days with continuous acceleration measurement and 30 minutes of effective radio transmission every day.
On voting strategies for loosely synchronized dependable real-time systems
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356577
Hüseyin Aysan, R. Dobrin, S. Punnekkat, I. Bate
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Hard real-time applications typically have to satisfy high dependability requirements in terms of fault tolerance in both the value and the time domains. Loosely synchronized real-time systems, which represent many of the systems that are developed, make any form of voting difficult as each replica may provide different outputs independent of whether there has been an error or not. This can also lead to false positives and false negatives, which makes achieving fault tolerance, and hence dependability, difficult. We have earlier proposed a majority voting technique, “Voting on Time and Value” (VTV), that explicitly considers combinations of value and timing errors, targeting loosely-synchronised systems. In this paper, we extend VTV to enable voter parameter tuning to obtain the desired user-specified trade-offs between the false positive and false negative rates in the voter outputs. We evaluate the performance of VTV against Compare Majority Voting (CMV), which is a known voting approach applicable in similar contexts, through extensive simulation studies. The results clearly demonstrate that VTV outperforms CMV in all scenarios with lower false negative rates.
Shared memory protection for spatial separation in multicore architectures
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356601
A. Hattendorf, A. Raabe, A. Knoll
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
The introduction of multicore architectures in embedded systems allows system integrators to locate multiple applications on the same chip. In the context of certification, separation of these applications is mandatory. Most current multicore systems have a low core count and programmers have a need for easily utilizable platforms. Therefore, most of the current multicore systems use shared memory architectures based on bus communication. In this paper we discuss several possible architectures for shared memory protection using local and shared MPUs and MMUs for architectures of this type. This analysis includes typical use cases for multicore systems and their compatibility with these architectures. It has a strong focus on the platform's suitability for mixed-critical workloads with some cores executing safety-critical, hard-real-time applications. This paper proposes a novel shared memory protection unit to efficiently enforce spatial separation of the shared memory among the cores. Preliminary synthesis results are provided along with latency considerations relevant for hard-real-time application.
Enhancing security in CAN systems using a star coupling router
Pub Date: 2012-06-20, DOI: 10.1109/SIES.2012.6356590
R. Kammerer, Bernhard Frömel, Armin Wasicek
7th IEEE International Symposium on Industrial Embedded Systems (SIES'12)
Controller Area Network (CAN) is the most widely used protocol in the automotive domain. Bus-based CAN does not provide any security mechanisms to counter manipulations like eavesdropping, fabrication of messages, or denial-of-service attacks. The vulnerabilities in bus-based CAN are alarming, because safety-critical subsystems (e.g., the power train) often deploy a CAN bus, and hence a failure propagation from the security domain to the safety domain can take place. In this paper we propose a star coupling router and a trust model for this router to overcome some of the security deficiencies present in bus-based CAN systems. The CAN router establishes a partitioning of a CAN bus into separate CAN segments and allows rigorous checking of the traffic within the CAN system, including the value and time domains. We evaluate the introduced trust model on a prototype implementation of the CAN router by performing attacks that would be successful on classic bus-based CAN, but are detected and contained on router-based CAN. The router can consequently increase the security in automotive applications and render some of the attacks described in the literature (e.g., fuzzing attack) on a car useless. Since the CAN router offers ports that are compatible with standard CAN, the router can be used to increase the security of legacy CAN-based systems.